TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 2d5652aceed0a4d3a15d949baae6cbc939ce4d75^! / .
commit2d5652aceed0a4d3a15d949baae6cbc939ce4d75[log] [tgz]
authorMateusz Starzyk <mateusz.starzyk@mobica.com>Tue Jul 27 16:07:54 2021 +0200
committerMateusz Starzyk <mateusz.starzyk@mobica.com>Tue Aug 10 13:56:37 2021 +0200
treefac63ecffb53700b72c4331238997a9e7a6263a5
parent5d97601e81af90dc92bc9577d2515f7849a25837 [diff]
Move ccm error state handling.

Remove error clearing from ccm_starts() and ccm_set_lengths().
Add error check in ccm_update_ad(), ccm_update() and ccm_finish().

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>

diff --git a/library/ccm.c b/library/ccm.c
index 80a795f..1247f8d 100644
--- a/library/ccm.c
+++ b/library/ccm.c

@@ -118,7 +118,7 @@
     if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->ctr, 16, tmp_buf,
                                        &olen ) ) != 0 )
     {
-        ctx->state |= CCM_STATE__ERROR;           
+        ctx->state |= CCM_STATE__ERROR;
         mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf));
         return ret;
     }
@@ -196,11 +196,6 @@
     if( iv_len < 7 || iv_len > 13 )
         return( MBEDTLS_ERR_CCM_BAD_INPUT );
 
-    if( ctx->state & CCM_STATE__ERROR )
-    {
-        mbedtls_ccm_clear_state(ctx);
-    }
-
     ctx->mode = mode;
     ctx->q = 16 - 1 - (unsigned char) iv_len;
 
@@ -247,11 +242,6 @@
     if( total_ad_len >= 0xFF00 )
         return( MBEDTLS_ERR_CCM_BAD_INPUT );
 
-    if( ctx->state & CCM_STATE__ERROR )
-    {
-        mbedtls_ccm_clear_state(ctx);
-    }
-
     ctx->plaintext_len = plaintext_len;
     ctx->add_len = total_ad_len;
     ctx->tag_len = tag_len;
@@ -269,6 +259,11 @@
     unsigned char i;
     size_t olen, use_len, offset;
 
+    if( ctx->state & CCM_STATE__ERROR )
+    {
+        return ret;
+    }
+
     if( ctx->add_len > 0 && add_len > 0)
     {
         if( ctx->processed == 0 )
@@ -321,6 +316,11 @@
     unsigned char i;
     size_t use_len, offset, olen;
 
+    if( ctx->state & CCM_STATE__ERROR )
+    {
+        return ret;
+    }
+
     if( output_size < input_len )
         return( MBEDTLS_ERR_CCM_BAD_INPUT );
     *output_len = input_len;
@@ -397,6 +397,11 @@
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
     unsigned char i;
 
+    if( ctx->state & CCM_STATE__ERROR )
+    {
+        return ret;
+    }
+
     /*
      * Authentication: reset counter and crypt/mask internal tag
      */